A currently unidentified group of cyber-criminals are targeting users on freelance websites. The attackers are sending emails to users with an attached document requesting that they respond to them with a cost proposal and timeframe for the work. The attachments have turned out to be malicious. The documents contain macros which initiate the download of various malware. Some of the malware that has been discovered include keyloggers and remote access trojans (RAT’s). Freelancers are particularly susceptible to phishing campaigns and make prime targets because they deal heavily in emails from people that they do not already know and trust.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased